Security daily (30-11-2020)

re:Invent 2020 – Your guide to AWS Identity and Data Protection sessions

AWS re:Invent will certainly be different in 2020! Instead of seeing you all in Las Vegas, this year re:Invent will be a free, three-week virtual conference. One thing that will remain the same is the variety of sessions, including many Security, Identity, and Compliance sessions. As we developed sessions, we looked to customers—asking where they […] (AWS Security Blog)

Twitter, WhatsApp users in Cuba report disruptions amid free speech protests

Social media users in Cuba experienced interruptions to Twitter and WhatsApp service over the weekend amid protests against government restrictions on free expression, according to a digital rights group and media outlets that track Cuba. “Twitter, WhatsApp, and, at certain moments YouTube and other Facebook servers, were intermittently unavailable” from Nov. 27 to Nov. 30 through Cuba’s state-owned telecommunications provider, according to NetBlocks, a digital rights group that tracks internet activity. Some Cubans reported that Twitter and WhatsApp only functioned properly if they used virtual private network (VPN) software to mask their location. The reported service issues coincided with protests by Cuban musicians, writers and activists against the communist government’s jailing of their colleagues. Cuban President Miguel Diaz-Canel has denounced the collective of artists, known as the San Isidro Movement, as an “imperialist reality show” backed by the United States. The Cuban government has nonetheless taken the rare step of meeting with the […] (CyberScoop)

Supreme Court considers scope of federal anti-hacking law in biggest cyber case to date

Several U.S. Supreme Court justices, including some of President Donald Trump’s appointees, skeptically questioned a broad interpretation of the main federal anti-hacking law during oral arguments Monday. The hearing represented one of the final steps in the biggest case to come before the nation’s highest court involving the Computer Fraud and Abuse Act (CFAA), written in the 1980s. The case centers on when an individual “exceeds authorized access” to a computer, as defined by that law. The law has long held a contentious place in the cybersecurity world, where it’s viewed as hopelessly vague, outdated and overly punitive. One CFAA prosecution that drew particular criticism was that of Aaron Swartz, an internet activist who took his own life before he was scheduled to stand trial for allegedly downloading articles from an academic database, in a case where he faced decades in prison if convicted. The case now before the Supreme Court involves defendant Nathan […] (CyberScoop)

MacOS backdoor appears to be update of tool previously used by Vietnam-linked group

The hacking group known as APT32 or OceanLotus appears to have a new version of a tool used to infiltrate MacOS computers, according to researchers with cybersecurity company Trend Micro. The malicious software arrives as a .zip file that tries to disguise itself with a Microsoft Word icon, and it is engineered to evade detection by antivirus software, Trend Micro says. Once activated, the malware serves as a backdoor for other payloads that can exfiltrate data from an infected machine. It’s the latest sign of expanded or upgraded tactics from APT32, which is known for espionage campaigns that target Southeast Asia. Recent discoveries attributed to the group include efforts to use imitation news sites to spy on users and sometimes infect their machines with malware, and using the Google Play Store to distribute apps surreptitiously loaded with spyware. In this case, the MacOS backdoor appears to be aimed at computers in Vietnam itself. “The […] (CyberScoop)

It's hard to keep a big botnet down: TrickBot sputters back toward full health

Mounting evidence suggests that TrickBot, the vast botnet that both U.S. Cyber Command and a Microsoft-led coalition sought to disable around the 2020 elections, is on the mend and evolving. The separate campaigns featured Microsoft going to court to disable IP addresses associated with TrickBot command and control servers, as Cyber Command’s operation also targeted command and control servers. Hints of its rebound began in late October, shortly after signs of success in the bids to dismantle the TrickBot network of zombie computers. While Cyber Command and Microsoft always billed their assaults as a disruption rather than a full takedown, the TrickBot comeback is proof that it’s difficult to kill a botnet outright. Botnets are dangerous because they can be used to conduct a range of harmful activities, like distributed denial of service attacks that overwhelm a site with traffic or ransomware attacks, the latter of which were a major issue of concern for U.S. national security […] (CyberScoop)

Naked Security Live – The Gift Card hackers

Here's the latest Naked Security Live video - please watch and share with your friends... (Naked Security)

Home Wi-Fi security tips – 5 things to check

5 checks to make sure your home Wi-Fi is secure (Naked Security)

The Supreme Court Will Hear Its First Big CFAA Case

(News ≈ Packet Storm)

Hackers Are Targeting MacOS Users With Updated Malware

(News ≈ Packet Storm)

WarGames For Real: How One 1983 Exercise Nearly Triggered WWIII

(News ≈ Packet Storm)

Ransomware Halts Classes For 115,000 Baltimore Pupils

(News ≈ Packet Storm)

Post-Cyberattack, UVM Health Network Still Picking Up Pieces

More than a month after the cyberattack first hit, the UVM health network is still grappling with delayed payment processing and other issues. (Threatpost)

Conti Gang Hits IoT Chipmaker Advantech with $14M Ransom Demand

The ransomware group has leaked stolen data to add pressure on the company to pay up. (Threatpost)

Digitally Signed Bandook Trojan Reemerges in Global Spy Campaign

A strain of the 13-year old backdoor Bandook trojan has been spotted in an espionage campaign. (Threatpost)

MacOS Users Targeted By OceanLotus Backdoor

The new backdoor comes with multiple payloads and new detection evasion tactics. (Threatpost)

/security-daily/ 01-12-2020 23:44:23